6.4

CVE-2009-4325

Exploit

The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not validate an unspecified pointer, which allows attackers to overwrite "external memory" via unknown vectors, related to a missing "check for null pointers."

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmDb2 Version8.2
IbmDb2 Version8.2 Updatefp1
IbmDb2 Version8.2 Updatefp10
IbmDb2 Version8.2 Updatefp11
IbmDb2 Version8.2 Updatefp12
IbmDb2 Version8.2 Updatefp13
IbmDb2 Version8.2 Updatefp14
IbmDb2 Version8.2 Updatefp15
IbmDb2 Version8.2 Updatefp16
IbmDb2 Version8.2 Updatefp17
IbmDb2 Version8.2 Updatefp2
IbmDb2 Version8.2 Updatefp3
IbmDb2 Version8.2 Updatefp4
IbmDb2 Version8.2 Updatefp5
IbmDb2 Version8.2 Updatefp6
IbmDb2 Version8.2 Updatefp7
IbmDb2 Version8.2 Updatefp8
IbmDb2 Version8.2 Updatefp9
IbmDb2 Version9.1
IbmDb2 Version9.1 Updatefp1
IbmDb2 Version9.1 Updatefp2
IbmDb2 Version9.1 Updatefp3
IbmDb2 Version9.1 Updatefp3a
IbmDb2 Version9.1 Updatefp4
IbmDb2 Version9.1 Updatefp4a
IbmDb2 Version9.1 Updatefp5
IbmDb2 Version9.1 Updatefp6
IbmDb2 Version9.1 Updatefp6a
IbmDb2 Version9.1 Updatefp7
IbmDb2 Version9.5
IbmDb2 Version9.5 Updatefp1
IbmDb2 Version9.5 Updatefp2
IbmDb2 Version9.5 Updatefp2a
IbmDb2 Version9.5 Updatefp3
IbmDb2 Version9.5 Updatefp3a
IbmDb2 Version9.5 Updatefp3b
IbmDb2 Version9.7
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.78% 0.81
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.4 10 4.9
AV:N/AC:L/Au:N/C:N/I:P/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.